CVE-2017-15709 Vulnerability Details

  /     /     /  

CVE-2017-15709 Metadata Quick Info

CVE Published: 13/02/2018 | CVE Updated: 16/09/2024 | CVE Year: 2017
Source: apache | Vendor: Apache Software Foundation | Product: Apache ActiveMQ
Status : PUBLISHED

---

CVE-2017-15709 Description

When using the OpenWire protocol in ActiveMQ versions 5.14.0 to 5.15.2 it was found that certain system details (such as the OS and kernel version) are exposed as plain text.

Metrics

CVSS Version: 3.1 | Base Score: n/a
Vector: n/a

l➤ Exploitability Metrics:
    Attack Vector (AV)*
    Attack Complexity (AC)*
    Privileges Required (PR)*
    User Interaction (UI)*
    Scope (S)*

l➤ Impact Metrics:
    Confidentiality Impact (C)*
    Integrity Impact (I)*
    Availability Impact (A)*

Weakness Enumeration (CWE)

CWE-ID:
CWE Name: Information Leak
Source: Apache Software Foundation

Common Attack Pattern Enumeration and Classification (CAPEC)

CAPEC-ID:
CAPEC Description:


Source: NVD (National Vulnerability Database).